This beta includes a critical security fix. All sites are encouraged to update as soon as possible. This fix prevents a RCE via malicious SNS subscription payload.
Submit a post, only to realize you need to make a small change? With fast edits, this can be done quicker and easier than ever before. No need to open the full composer, just highlight the word(s) you need to fix, click edit, and make the change right there.
Please note, fast edit can’t handle complex post content - for example editing multiple cells in a table. When fast edit is unable to work, the full composer will open automatically.
Topics can now be bookmarked, not just individual posts. When a topic is bookmarked, users following the bookmark will land at their last unread position automatically. Topic bookmarks can be created via the footer when no other posts are bookmarked.
New users, as well as those users without posts, likes, notifications, etc. frequently land on pages within Discourse that are “blank”. Instead of showing a blank page, Discourse now displays just in time info so the user can learn what will eventually be shown. Such content has been added to the activity/topics page, activity/read page, user messages page, and within the group messages pages.
When granting admin access, if the existing admin has two-factor authentication enabled they will now be prompted to enter an authentication code (or use their security key) to approve the access grant. When two-factor is not enabled, a confirmation email will be sent.
Ever close a topic and delete the small post created, only to realize you needed it? So you go back, open the topic, and close it again, so you can have the small post? No more! Small posts can now be restored just like a normal post.
A new site setting,
disable category edit notifications allows admins to control whether users are notified when moderators move their post to a different category.
Previously, if a user made a selection in a single choice poll, they could only change their vote - it wasn’t possible to remove it. Users can now use the remove vote button, or select the same option again to remove their vote.
Discourse has long shipped with multiple themes, including a dark theme. New sites now enable both light and dark themes by default, and switch automatically based on users’ device preferences.
By default, Discourse uses soft-delete, so posts and topics can be recovered as needed by site staff. There may be times where a post or topic needs to be fully deleted - removed from the database entirely - for example due to a legal issue. A new site setting,
can permanently delete has been added to support this. This setting is not accessible via the UI - an admin with SSH access must enable it via the rails console. Once enabled, admins can permanently delete posts. Admins must wait at least one minute after a post is deleted to be able to permanently delete it. Posts can be permanently deleted without waiting if the initial deletion was made by another admin. Moderators do not have the ability to permanently delete posts.
- Don’t output aria label identical to title
- Use shorter label for hamburger menu
- Fix several minor issues
- Add labels to some search fields, category notification selector
- Add more descriptive labels for some dropdowns
- Use listbox role for dropdowns
- Do not default to label for aria-label
- Improve create account modal for screen readers
This beta has so many new features we can’t detail them all. Below are some additional features of note. You can find the full list of new features in the following post.
- Hide suspended users from site-wide search to regular users
- Enable users to choose unseen as a default view
- Display new/unread count in browse more messages for PMs.
- Add game consoles to unsupported browsers
- Cook drafts excerpt in user activity
- User/category/tag results in full page search
- Humanize file size error messages
- Shortcuts for quote (q) and fast edit (e)
- Stop using email as source for username and name suggestions for Single Sign On
- Add a hidden setting that enables using email as a source for username suggestions